<?php

global $_GPC;
global $_W;
$operation = !empty($_GPC['op']) ? $_GPC['op'] : 'display';
$cfg = $this->module['config'];
$shopid = check_right(3);
if (!$shopid) {
    message('请先选择需要管理的店铺', $this->createWebUrl('shop'), 'error');
}
if ($operation == 'display') {
    $where .= $_GPC['groupid'] ? ' and pcate=\'' . $_GPC['groupid'] . '\' ' : ' and pcate=\'' . $shopid . '\' ';
    if ($_GPC['keyword']) {
        $where .= ' and (useracount like \'%' . $_GPC['keyword'] . '%\' or realname like \'%' . $_GPC['keyword'] . '%\' or mobile like \'%' . $_GPC['keyword'] . '%\' )';
    }
    $list = pdo_fetchall('SELECT * FROM ' . tablename('j_hmoney_user') . ' WHERE weid = \'' . $_W['uniacid'] . '\' ' . $where . ' order by status desc, id desc');
    $grouplist = pdo_fetchall('SELECT * FROM ' . tablename('j_hmoney_group') . ' WHERE weid = \'' . $_W['uniacid'] . '\' ORDER BY id asc');
    $groupary = array();
    foreach ($grouplist as $row) {
        $groupary[$row['id']] = $row['companyname'];
    }
} else {
    if ($operation == 'post') {
        $id = $_GPC['id'];
        if ($id) {
            $item = pdo_fetch('SELECT * FROM ' . tablename('j_hmoney_user') . ' WHERE id = :id ', array(':id' => $id));
        } else {
            if ($cfg['usernum']) {
                $allgroup = pdo_fetchcolumn('SELECT count(*) FROM ' . tablename('j_hmoney_user') . ' WHERE weid=\'' . $_W['uniacid'] . '\'');
                if ($allgroup >= $cfg['usernum']) {
                    message('只能添加' . $cfg['usernum'] . '个坐席，增加请联系服务商');
                }
            }
        }
        $list = pdo_fetchall('SELECT * FROM ' . tablename('j_hmoney_group') . ' WHERE weid = \'' . $_W['uniacid'] . '\' order by id desc');
        $users = pdo_fetchall('SELECT * FROM ' . tablename('users') . ' where uid in (SELECT uid FROM ' . tablename('users_permission') . ' WHERE uniacid = \'' . $_W['uniacid'] . '\' group by uid )');
        if (checksubmit('submit')) {
            $data = array('useracount' => $_GPC['useracount'], 'weid' => $_W['uniacid'], 'headimg' => $_GPC['headimg'], 'realname' => $_GPC['realname'], 'openid' => $_GPC['openid'], 'mobile' => $_GPC['mobile'], 'password' => $_GPC['password'] ? md5($_GPC['password']) : '', 'login_pc' => intval($_GPC['login_pc']), 'login_m' => intval($_GPC['login_m']), 'status' => intval($_GPC['status']), 'pcate' => intval($_GPC['pcate']), 'spassword' => $_GPC['spassword'], 'permission' => intval($_GPC['permission']), 'docking' => intval($_GPC['docking']), 'imei' => trim($_GPC['imei']), 'isimei' => intval($_GPC['isimei']), 'isdiscount' => intval($_GPC['isdiscount']));
            if (!$data['pcate']) {
                message('请选择所属组别');
            }
            if ($id) {
                if (!$data['password']) {
                    unset($data['password']);
                }
                unset($data['useracount']);
                if ($data['docking']) {
                    $isUsed = pdo_fetchcolumn('SELECT count(*) FROM ' . tablename('j_hmoney_user') . ' WHERE weid = \'' . $_W['uniacid'] . '\' and docking=:a and id<>:b', array(':a' => $data['docking'], ':b' => $id));
                    if ($isUsed) {
                        message('该后台账号已经被使用，请更换其他');
                    }
                }
                if ($data['spassword']) {
                    $isUsed = pdo_fetchcolumn('SELECT count(*) FROM ' . tablename('j_hmoney_user') . ' WHERE weid = \'' . $_W['uniacid'] . '\' and spassword=:a and id<>:b and pcate=:c ', array(':a' => $data['spassword'], ':b' => $id, ':c' => $data['pcate']));
                    if ($isUsed) {
                        message('该短密码已经被占用，请更换其他');
                    }
                }
                pdo_update('j_hmoney_user', $data, array('id' => $id));
            } else {
                if ($cfg['usernum']) {
                    $allgroup = pdo_fetchcolumn('SELECT count(*) FROM ' . tablename('j_hmoney_user') . ' WHERE weid=\'' . $_W['uniacid'] . '\'');
                    if ($allgroup >= $cfg['usernum']) {
                        message('只能添加' . $cfg['usernum'] . '个坐席，增加请联系服务商');
                    }
                }
                $isUsed = pdo_fetchcolumn('SELECT count(*) FROM ' . tablename('j_hmoney_user') . ' WHERE weid = \'' . $_W['uniacid'] . '\' and useracount=:a', array(':a' => $data['useracount']));
                if ($isUsed) {
                    message('【' . $data['useracount'] . '】已经被使用，请更换其他工号');
                }
                if ($data['docking']) {
                    $isUsed = pdo_fetchcolumn('SELECT count(*) FROM ' . tablename('j_hmoney_user') . ' WHERE weid = \'' . $_W['uniacid'] . '\' and docking=:a', array(':a' => $data['docking']));
                    if ($isUsed) {
                        message('该后台账号已经被使用，请更换其他');
                    }
                }
                if ($data['spassword']) {
                    $isUsed = pdo_fetchcolumn('SELECT count(*) FROM ' . tablename('j_hmoney_user') . ' WHERE weid = \'' . $_W['uniacid'] . '\' and spassword=:a and pcate=:c ', array(':a' => $data['spassword'], ':c' => $data['pcate']));
                    if ($isUsed) {
                        message('该短密码已经被占用，请更换其他');
                    }
                }
				
				$data['createtime'] = time();
				pdo_insert('j_hmoney_user', $data);
				$id = pdo_insertid();
            }
            message('修改完成', $this->createWebUrl('staff', array('op' => 'post', 'id' => $id)), 'success');
        }
    } else {
        if ($operation == 'delete') {
            $id = intval($_GPC['id']);
            if ($id) {
                $isUsed = pdo_fetchcolumn('SELECT count(*) FROM ' . tablename('j_hmoney_order') . ' WHERE weid = \'' . $_W['uniacid'] . '\' and userid=:a', array(':a' => $id));
                if ($isUsed) {
                    pdo_update('j_hmoney_user', array('status' => 0), array('id' => $id));
                    message('该收银员下有收银记录，不能删除', '', 'error');
                }
                pdo_delete('j_hmoney_user', array('id' => $id));
            }
            message('删除成功', $this->createWebUrl('staff'), 'success');
        } else {
            if ($operation == 'changepass') {
                $id = intval($_GPC['id']);
                $pass = trim($_GPC['pass']);
                if (strlen($pass) < 6) {
                    exit(json_encode(array('success' => false, 'msg' => '密码长度错误')));
                }
                $item = pdo_fetch('SELECT * FROM ' . tablename('j_hmoney_user') . ' WHERE id = :id ', array(':id' => $id));
                if (!$item) {
                    exit(json_encode(array('success' => false, 'msg' => '用户不存在')));
                }
                $data = array('password' => md5($pass));
                pdo_update('j_hmoney_user', $data, array('id' => $id));
                exit(json_encode(array('success' => true)));
            }
        }
    }
}
include $this->template('web/' . $cfg['floder'] . '/staff');
//$data['createtime'] = NULL;
//pdo_insert('j_hmoney_user', $data);
//$id = pdo_insertid();